Lucene search
K
CdwanjiangFlash Flood Disaster Monitoring And Warning System

6 matches found

CVE
CVE
added 2023/08/05 11:0 p.m.61 views

CVE-2023-4172

CVE-2023-4172 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability arises from improper handling of the FileDirectory argument in the FileHandler.ashx (path/file processing), enabling absolute path traversal via a remote attack. Exploitation has been disclosed...

7.5CVSS6AI score0.00786EPSS
CVE
CVE
added 2023/08/05 9:0 p.m.56 views

CVE-2023-4171

CVE-2023-4171 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0, targeting the file \Service\FileDownload.ashx (or ServiceFileDownload.ashx in some records). The vulnerability stems from improper handling of the Files argument, enabling path traversal to ../filedir. The issue...

5.3CVSS5AI score0.00941EPSS
CVE
CVE
added 2023/07/20 10:0 p.m.55 views

CVE-2023-3798

CVE-2023-3798 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file path "/App_Resource/UEditor/server/upload.aspx" where manipulation of the file parameter enables unrestricted file upload. Exploitation status is disclosed publicly in the source...

9.8CVSS7.7AI score0.00775EPSS
Web
CVE
CVE
added 2023/07/21 12:31 a.m.43 views

CVE-2023-3803

CVE-2023-3803 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0, specifically the File Name Handler component and the /Service/ImageStationDataService.asmx file. The root cause is a flaw that leads to insufficiently random values. Documented attack complexity is high and expl...

3.7CVSS4AI score0.00545EPSS
CVE
CVE
added 2023/07/21 12:0 a.m.42 views

CVE-2023-3802

CVE-2023-3802 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The issue resides in the file /Controller/Ajaxfileupload.ashx, where manipulating the file argument enables unrestricted file uploads. Public disclosure of the exploit is noted. Remediation details are not expli...

9.8CVSS7.6AI score0.00832EPSS
Web
CVE
CVE
added 2023/07/21 1:0 a.m.36 views

CVE-2023-3804

CVE-2023-3804 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file /Service/FileHandler.ashx, where manipulation of the argument userFile enables unrestricted upload. The exploit has been publicly disclosed. Several sources confirm this is a cod...

9.8CVSS7.7AI score0.00742EPSS
Web